14:09:20 <rdieter> #startmeeting KDE SIG Meeting -- http://fedoraproject.org/wiki/SIGs/KDE/Meetings/2009-07-28
14:09:40 <rdieter> #topic roll call
14:09:46 <rdieter> who's present today?
14:09:50 <Kevin_Kofler> Present.
14:09:53 <svahl> present
14:10:06 <SMParrish> here
14:10:38 * thomasj here
14:11:16 <rdieter> #topic agenda
14:11:23 <than> here
14:11:36 <rdieter> turns out, we have no agenda, yet, so, what to discuss today?
14:12:09 <Kevin_Kofler> Handling of security fixes.
14:12:09 <rdieter> maybe some test day ideas...
14:12:12 * jeff_hann here
14:12:41 <than> kde4-rc3 status
14:13:35 <rdieter> ok, that's a good start
14:13:47 <rdieter> #topic kde4-rc3 status
14:14:00 <rdieter> than? :)
14:14:17 <than> i saw kevin already commited the security fixes
14:14:22 <than> in to cvs
14:14:53 <than> it seems the fix for CVE-2009-1725 is not correct
14:15:26 <than> the testcase still shows garbage character
14:15:29 <Kevin_Kofler> Maybe it's not complete.
14:15:30 <thomasj> KDE 4.3rc3 works flawless so far on F10 x86_64 (except a little icon problem with kde-plasma-networkmanagement)
14:15:41 <Kevin_Kofler> The WebKit commit increases the length of 2 buffers.
14:15:47 <than> yes
14:15:48 <Kevin_Kofler> The upstream KHTML commit only one of them.
14:15:54 <Kevin_Kofler> So it looks incomplete. :-(
14:16:02 <rdieter> #topic security fixes
14:16:15 * rdieter adjusts topic to match where we're going. :)
14:16:25 <Kevin_Kofler> Grrr, I guess we'll have to issue another update with the complete fix.
14:16:34 <than> we need to take a look at this
14:17:17 <Kevin_Kofler> One more general remark about security issues: if you fix a security issue in KDE in RHEL, can you please either also fix it in Fedora or tell us so we can fix it?
14:17:38 <Kevin_Kofler> I found those RHEL security updates by pure accident about 1 month after they were issued.
14:17:40 <than> Kevin_Kofler, i will do in the future
14:18:23 <rdieter> unfortunately too, therre seemed to be no (kde) upstream notice or announcement either.  maybe these weren't considered severe enough?
14:18:54 <Kevin_Kofler> My theory is that the KDE (upstream) security team is just getting lazy.
14:18:54 <than> Kevin_Kofler, do you know who has commited the fix in kde upstream?
14:19:12 <than> it seems they didn't test it
14:19:19 <Kevin_Kofler> They haven't issued any advisory for months, and even that one was just a single one, the previous one is again months older.
14:19:32 <Kevin_Kofler> than: "fabo" is the SVN account name.
14:20:11 <than> never seen fabo
14:20:45 <rdieter> good ideas, than, Kevin_Kofler either (or both) of you intested in doing followup on the security issues, test things, ping upstream (security, packagers), etc... ?
14:22:00 <than> i will ping dirk muller and ask him
14:22:23 <than> he is member of kde security team
14:22:42 <rdieter> #action than will contact kde security team
14:22:44 <rdieter> ok
14:23:02 <rdieter> anything else security-wise for now?
14:23:31 <Kevin_Kofler> For the CVE-2009-1725 fix: I don't see the second checkBuffer from the WebKit patch in the KHTML code.
14:23:49 <Kevin_Kofler> So I'm not sure why the fix is not working or not fully working.
14:23:54 <Kevin_Kofler> Somebody will have to check.
14:24:04 <than> Kevin_Kofler, it's not the same code
14:24:27 <Kevin_Kofler> Right, so it needs to be checked more carefully.
14:24:37 <than> yes
14:24:51 <Kevin_Kofler> Can you please take care of that?
14:24:58 <than> yes
14:25:53 <rdieter> ok, let's move on to something more fun
14:25:55 <than> i already built kde-4.3rc3 into rawhide
14:26:01 <rdieter> #topic kde-4.3-rc3 status
14:26:16 <than> it's great that rex uploaded it for F11 on kde.redhat
14:27:03 <rdieter> seems lots of folks, including a recent reviewer, http://www.osnews.com/story/21899/KDE_4_3_Shaping_Up_Nicely_KWin_Needs_Work , have been using these builds as well.
14:27:35 <rdieter> if you can look past the distro bashing in there
14:28:07 <rdieter> related, I recall seeing a comment that kde-4.3.0 final is to be tagged real soon now
14:29:26 <than> i hope people will test kde4-rc3 well and report to kde upstream when the find the bugs
14:31:49 <rdieter> I've a feeling this is going to be a good x.x.0 release
14:32:14 <Kevin_Kofler> I hope so...
14:32:14 <than> rdieter, it should be :)
14:34:03 <than> next topic!
14:34:17 <rdieter> #topic test day ideas
14:35:18 <rdieter> phonon-backend-gstreamer comes to mind, but I'd prefer if we could get a handle on https://bugzilla.redhat.com/show_bug.cgi?id=513421 first
14:35:20 <buggbot> Bug 513421: medium, low, ---, than, ASSIGNED, phonon-backend-gstreamer: The Audio playback device <foo> does not work, falling back to default
14:36:00 <than> i'm still working on it
14:36:54 <rdieter> oh, cool, I'll mark it ON_DEV then.
14:37:01 <than> rdieter, yes please
14:38:16 <rdieter> a kpackagekit test day may be worthwhile too, SMParrish, what do you think?  are there any test-cases that need love, more feedback?
14:38:47 <SMParrish> Yes installing unsigned packages would be a good test case
14:39:26 <rdieter> well, to justify a test-day, it'd be good to come up with more things to test... if there's just 1 or 2, we can do that ourselves probably
14:40:25 <rdieter> think about it
14:40:29 <Kevin_Kofler> Well, for Phonon-GStreamer, we only have 3 testcases at the moment (the ones I wrote down).
14:40:35 <SMParrish> Probably not enough to just an entire test day.  Just a few items but I'll give it some thought
14:40:38 <Kevin_Kofler> KPackageKit could potentially have more than that.
14:41:06 <Kevin_Kofler> That said, the "file type support" testcase is really many testcases. :-)
14:41:13 <rdieter> I'd like to be able to test update notifications, and defaults not changing, but that's harder
14:41:18 <Kevin_Kofler> You can test various exotic files for hours. ;-)
14:43:24 <SMParrish> Testing kpackagekit also includes testing the PackageKit backend so I'm sure there is alot we can look at
14:44:06 <rdieter> slap what ideas you have on the wiki somewhere, and we can expand it over time
14:44:23 <rdieter> #topic open discussion
14:44:29 <rdieter> anything else for today?
14:44:53 <rdieter> MathStuf_: are you around, can talk about kde-plasma-networkmanagement a bit
14:44:54 <Kevin_Kofler> Why is system-config-printer-kde being disabled for RHEL 6?
14:45:17 <Kevin_Kofler> rdieter: MathStuf_ is working, he's just logging the meeting.
14:46:57 <rdieter> ok, pinged wstephenson to give us a brief status report on kde-networkmanagement developments
14:47:16 <Kevin_Kofler> than: Some stuff I'd consider disabling for RHEL if it was up to me: kdeadmin-kpackage (barely works if at all, depends on smart), KsCD (ugly, buggy, depends on the deprecated libtunepimp).
14:47:59 <than> Kevin_Kofler, it's on my todo list
14:49:01 <than> Kevin_Kofler, do we have a replacement for ksCD?
14:49:21 <Kevin_Kofler> Not really. :-(
14:49:37 <Kevin_Kofler> I think we should package the old KsCD from KDE 4.1 in some way.
14:50:14 <Kevin_Kofler> It used FreeDB, it looked like a KDE app and it actually worked in setups like mine with 2 (or more) CD drives.
14:50:20 <wstephenson> hi
14:50:52 <than> that means KsCD from KDE 4.1 works better than the one in 4.2?
14:51:23 <Kevin_Kofler> From my experience, yes, definitely.
14:51:24 <rdieter> wstephenson: hi, mind giving us a brief status update on kde-networkmanagement, where it's at, where it's going, that kind of thing?
14:51:44 <Kevin_Kofler> That said, others reported the 4.1 one never worked for them and the new one does. So it's a case of YMMV, I guess.
14:51:51 <wstephenson> rdieter: sure
14:51:53 <wstephenson> now?
14:52:15 <Kevin_Kofler> wstephenson: Yes please. :-)
14:52:20 <rdieter> yes, please, we can continue other stuff when you're done.
14:52:41 <wstephenson> so as you know, the existing plasmoid is a giant sloppy hack
14:53:07 <wstephenson> this is because the NM design leaves too much up to the client (and I have told dcbw this)
14:53:24 <wstephenson> and we were not very disciplined in implementing it the first time around
14:53:59 <wstephenson> so we had a sprint sponsored by the KDE eV in Oslo at the end of may, and did a big redesign, which is now mostly implemented.
14:54:06 <Kevin_Kofler> Well, things like secrets are left to the client so they can use KWallet or gnome-keyring depending on the desktop.
14:54:42 <wstephenson> Kevin_Kofler: i mean much lower level things like combining APs to make a logical wireless network
14:55:23 <rdieter> shock and dismay. :)
14:55:52 <wstephenson> the current state is that we have created some libs which do 90% of the client work
14:56:07 <wstephenson> which was previously smeared all over the UI parts of the plasmoid
14:56:33 <wstephenson> and the plasmoid is now being rewritten to reflect that
14:57:21 <Kevin_Kofler> So is it in a shippable state now? If not, when will it be?
14:57:24 <wstephenson> partly because i was frustrated with the bugs in Qt 4.5 QGraphicsView (and therefore Plasma) and partly because I wanted to test these new libs without having to deal with QGV workarounds, i wrote a system tray applet
14:57:51 <wstephenson> standalone, monolithic process that does NMUserSettings and UI in one process, just like nm-applet
14:58:10 <wstephenson> this is *almost* shippable now.
14:58:14 <rdieter> fwiw, we've got newish builds for testing, if you think it's ready for that.
14:58:42 <wstephenson> the plasmoid is as of last night back at the level of the old plasmoid, with more layout issues. therefore not shippable
14:59:15 <wstephenson> in fact i've put a cmake hack in place that only builds a dummy applet instead of the one being worked on, to keep people from killing their Plasma with raw code.
14:59:31 <wstephenson> so for 4.3 i recommend you ship the knetworkmanager monolithic client.
14:59:41 <Kevin_Kofler> Why wasn't it possible to do the librarizing in a more gradual way, moving one function out to the library at a time, and replacing the hardcoded stuff with a library call at a time?
15:00:06 <rdieter> sounds like Kevin_Kofler is volunteering for some work. :)
15:00:08 <Kevin_Kofler> (rather than rewriting everything)
15:00:22 <Kevin_Kofler> rdieter: Well, it's too late now.
15:00:34 <wstephenson> Kevin_Kofler: that was how we did it, but it was not usable during that process
15:01:04 <Kevin_Kofler> Well, that doesn't seem to match my description of the process, but whatever, what's done is done. ;-)
15:01:06 <wstephenson> there's a minimum size block that it's practical to move while keeping overhead minimum
15:01:18 <Kevin_Kofler> The rewrite is almost complete, it seems, so fixing the layout issues in the rewrite is where we're headed, it seems.
15:01:20 <wstephenson> Kevin_Kofler: the original design was pretty bad
15:01:34 <wstephenson> s/pretty/really/
15:01:40 <adamw> hi, guys - you're a bit over time...can we get the room soon?
15:01:51 <wstephenson> ok, quickly
15:02:09 <Kevin_Kofler> FYI, we're not really working on KDE release cycles, but on Fedora ones (kinda like you're working on openSUSE release cycles ;-) ).
15:02:17 <wstephenson> outstanding item: VPNC support - GUI done, storage done, plumbing between the two not done
15:02:43 <Kevin_Kofler> F10 and F11 will just stay on the old kde-plasma-nm snapshot for now. The default there is nm-applet anyway.
15:02:45 <wstephenson> outstanding item: WPA-EAP where phase2 is auth, not autheap - broken UI design still needs fixed
15:03:01 <Kevin_Kofler> What we're having to decide is how to handle F12.
15:03:20 <wstephenson> outstanding item: cellular support - seems to be broken NM-wide in opensuse factory, so I haven't been able to test it. should work.
15:03:38 <wstephenson> Kevin_Kofler: that's what i thought you were deciding too.
15:04:12 <rdieter> alright, thanks, let's move back to #fedora-kde , leave the room for the other meetings
15:04:18 <rdieter> #endmeeting